Hacker News | WillP's comments

I believe his point was that you don't trust them enough to install their normal app, so you wouldn't be expected to install Facebook Home.

However, someone who has already installed the normal app doesn't need much more trust to add Home as well.


This one was submitted by the author.


I'm impressed by how well the response was written. Every sentence seemed to be written in a very unambiguous way. The phrasing may have been awkward, but was very appropriate for a Korean audience.


Good point, his email reply got me wondering how familiar he is with Korea and whether he was deliberately tailoring his message for a Korean audience as well.

He talks about not learning from books, not caring about what others think about you, choosing a company based on how they treat you and not how "hot" they are - These are all the complete opposite of what Korea values and the way most Koreans live (book-learning, image-conscious, brand names over personal satisfaction).


I could say the same thing for the culture in Hong Kong or China at large too.


Singapore too..


You can actually still use a GUI editor with cloud-based development.

The majority of my code is stored on a Linode server. I use SSHFS to mount my working folder and edit in whatever editor I like (typically Geany). Connectivity is still an issue, but can be mitigated by tweaking the cache timeout.


Some editors support editing remote files. Emacs and TRAMP (<http://www.gnu.org/software/tramp/#Overview>) do this perfectly well. BBEdit 10 also does it (http://www.andre-aulich.de/en/perm/edit-remote-files-using-y...). That editor is completely underrated.


Vim supports remote editing too, with netrw: http://vimdoc.sourceforge.net/htmldoc/pi_netrw.html


I've had issues with sshfs not sending the proper signals when files are deleted or renamed. It can make it quite frustrating when relying on tools that watch the filesystem for changes (like precompilers or editor tree views).


Could those tools not be run remotely?


This is very good advice. It's surprising how many people are averse to short-term loans in otherwise financially stable situations.

Many people fall into the two extremes: they either borrow too much, or they are so afraid of debt that they never borrow at all. People on HN are a bit more paranoid and tend to be the latter.


While I agree that "fake democracy" is a bit over the top, I also can't see how he "hacked into AT&T". There might be enough room to dicker over whether searching for a vulnerability equates to "hacking," but does anyone really believe Auernheimer did anything illegal by manually typing in an address?


Hacked is a very loaded word. In some circles, it means "did a brilliant work cleverly and ingeniously using some stuff not always as it was intended to be used", in others it means "did some computer voodoo and stole my data".

Searching for vulnerabilities on public sites containing live private data is not a business that one should approach lightly. I personally wouldn't do it without being specifically asked for it. But even if one does, then taking a massive amount of data is definitely not what a whitehat researcher does.

> but does anyone really believe Auernheimer did anything illegal by manually typing in an address?

As far as I know, he didn't manually type an address. He wrote a script that bruteforced ID protection and downloaded a massive list of private emails. Do I have wrong information? How is it different from bruteforcing a weak password on an email account and copying all the emails - do you think this is legitimate too and that information was public?


> How is it different from bruteforcing a weak password on an email account

It is different in these ways:

* Brute-forcing the email password is an attempt to circumvent a system designed specifically to keep unauthorized people out. One cannot claim this info is public or that authorization was implied.

* Repeatedly making a call to an open, yet hidden, API is simply using it as it was designed. IMO, at most this dude violated some AT&T TOS by scripting the requests.


I think I'll wait for the next stable release. I'm sure I'm not the only person terrified of Wireshark's notorious history of vulnerabilities. Personally, I find a mixture of tcpdump and custom tools to be an adequate substitute.

